UIC John Marshall Journal of Information Technology & Privacy Law


Article 25 of the European Data Protection Directive provides a set of standards that are to be used by countries in the European Union when personal data processed in the particular member country transfers such information to third countries. This directive dictates that it must be ascertained, before transferring such personal information, that the third country ensures an adequate level of protection. Zinser initially examines the history and scope of Article 25 of the European Data Protection Directive before examining each of the standards and factors contained therein, with regard to the transfer of such information. He offers analysis of each of these factors by breaking down the language and giving meaning to the various phrases contained therein. Each analysis is concluded with criticism of the particular provisions as to workability and practicability of the language. The article concludes with Zinser’s own approach to the problems approached by Article 25 and proposals for changes.